[Zeek] printing stream columns
Henri Dubois-Ferriere
henridf at gmail.com
Fri Nov 1 12:55:07 PDT 2019
Ooh that looks great. Thanks!
On Fri, 1 Nov 2019 at 20:53, Jon Siwek <jsiwek at corelight.com> wrote:
> On Fri, Nov 1, 2019 at 4:11 AM Henri Dubois-Ferriere <henridf at gmail.com>
> wrote:
>
> > I'd like to be able to peek into nested records to get the inner fields
> that will show up in the logs. It doesn't seem like there's a way to do
> record introspection given a string representation of the record type name,
> but if I'd be delighted to be told I'm missing something.
>
> No, didn't look like there was a way to do that, but I've made a
> PR/patch that should make recursive introspection possible via
> something like `record_fields("conn_id")` for any arbitrary record
> type name:
>
> https://github.com/zeek/zeek/pull/675
>
> - Jon
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20191101/bcd11507/attachment.html
More information about the Zeek
mailing list